Register now for better personalized quote!

Talos Responsible Disclosure Policy Update

Nov, 28, 2016 Hi-network.com

Responsible disclosure of vulnerabilities is a key aspect of security research. Often, the difficulty in responsible disclosure is balancing competing interests -assisting a vendor with patching their product and notifying the general public to prevent a 0-day situation. It is uncomfortable to acknowledge that if a white hat team has discovered a vulnerability in a high value target, it stands to reason their adversaries may also be trying to exploit the same issue. Researchers must carefully balance the needs and capabilities of vendors to fix a product with the safety and security of our customers and the community as a whole.

Talos has been measuring the timelines, industry responsiveness, and end results with regard to our responsible disclosure policy and today, we are announcing a few changes. The full text of the Vendor Vulnerability Reporting and Disclosure Policy can be found here:

http://www.cisco.com/c/en/us/about/security-center/vendor-vulnerability-policy.html. These changes include timeline adjustments based on vendor feedback and industry changes since we last addressed our Disclosure Policy.

Read More>>>

tag-icon Hot Tags : 0-day patch disclosure vulndev CERT

Copyright © 2014-2024 Hi-Network.com | HAILIAN TECHNOLOGY CO., LIMITED | All Rights Reserved.